|:: [devuan-dev] Meeting notes 2020-09-…|
|This message is part of the following thread:|
|the complete thread tree sorted by date|
## Old Business * wiki exploration * Two contenders that seem reasonable: * TikiWiki * Very active cvedetails page:
https://www.cvedetails.com/vulnerability-list.php?vendor_id=12391&product_id=23390 which is enough of a worry to put me right off the idea. * PMWiki * Better record than TWiki even:
https://www.cvedetails.com/vulnerability-list.php?vendor_id=3519&product_id=0 * Both are PHP, but otherwise more or less offer the right features. I'll be happy to try additional packages, but for now I'm going to do an internal spin of PMWiki and see how it looks. If decent, I'll put it up on wiki.devuan.org with install notes. * (from rrq) page layout per user / per page?
### fsmithred * (Done) I need to build refractainstaller for beowulf-proposed-updates. I made the branch, but I don't have a label. How to make one? Or just move the packages? DONE
### LeePen * amprolla (with Evilham): * Merge of Translation files (which provide apt long package descriptions) now enabled on pkgmaster.d.o and should have propagated to all mirrors. * packages.d.o needs decommisioning * Updated ceres packages: openvpn, pdns-recursor
### mason * Bug found with unbound: * https://github.com/NLnetLabs/unbound/issues/303 * no update as yet * I spun some test packages that elide the #ifdef HAVE_CHOWN block and they work. Hopefully upstream will tell us if there is any legitimate use case for chowning a pidfile to the user as which the service runs. (Beer) Are `cfg_uid` & `cfg_gid` used to drop privileges of the unbound processes after startup? If so, a quick PR could be submitted to upstream, basically merely stripping that `chown` part. * update - beer submitted pull request https://github.com/NLnetLabs/unbound/pull/306
### rrq * would be useful with a git store bot that reviews accounts to prompt those that are empty and haven't used their account since yonks to re-register, and then weed out those that don't. The same kind of bot could well be applied to the forum as well, though perhaps with a different timeline. * (gl) On git high percentage of registrations are confirmed but the user never signs in. On the forum there are over 400 users with no posts including nextime, Lydia-K, lkcl and d1g-voyager. I am less inclined to start nuking those. Perhaps compare the registration date with the last visited date to help make the decision? Although some may be visiting but not logging in too. Harder to sort forum than git users. How about adding a "rule" that users must sign in once a year to keep account active?
### golinux * Would like to limit the size of signatures on DNG. Emailed jaromil about this but no response. Rick Moen . . . maybe there is a way to set this in the web admin panel? I'll poke around in a bit to see if I can find it. * (mason) tough to do programmatically - people have to honor etiquette to be able to reliably identify signatures, and if they're honoring the etiquette they *probably* aren't problem cases